Files
File Path | Type | Category | Malicious
---|---|---|---
Musterino_94372478_Ekno_101_20241031410530_ekstre.exe | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | initial sample |
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Musterino_94372478_Ekno_101_20241031410530_ekstre.exe.log | ASCII text, with CRLF line terminators | dropped |
C:\Users\user\AppData\Local\Temp\tmp7551.tmp | XML 1.0 document, ASCII text | dropped |
C:\Users\user\AppData\Roaming\imOLmwQ.exe | PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows | dropped |
C:\Users\user\AppData\Roaming\imOLmwQ.exe:Zone.Identifier | ASCII text, with CRLF line terminators | dropped |
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\imOLmwQ.exe.log | ASCII text, with CRLF line terminators | dropped |
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive | data | modified |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ch1oaio5.lfz.psm1 | ASCII text, with no line terminators | dropped |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_e1cxgnta.5cv.ps1 | ASCII text, with no line terminators | dropped |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_nhkmyns0.yha.ps1 | ASCII text, with no line terminators | dropped |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ojvm21lv.zha.ps1 | ASCII text, with no line terminators | dropped |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_shqmdqcf.q2f.psm1 | ASCII text, with no line terminators | dropped |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_txnvzvxd.ugh.psm1 | ASCII text, with no line terminators | dropped |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_yth3knwj.lbs.psm1 | ASCII text, with no line terminators | dropped |
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zzrgfmu0.exq.ps1 | ASCII text, with no line terminators | dropped |
C:\Users\user\AppData\Local\Temp\tmp8BD7.tmp | XML 1.0 document, ASCII text | dropped |
Processes
Path | Cmdline | Malicious
---|---|---
C:\Users\user\Desktop\Musterino_94372478_Ekno_101_20241031410530_ekstre.exe | "C:\Users\user\Desktop\Musterino_94372478_Ekno_101_20241031410530_ekstre.exe" |
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\Desktop\Musterino_94372478_Ekno_101_20241031410530_ekstre.exe" |
C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe | "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\imOLmwQ.exe" |
C:\Windows\SysWOW64\schtasks.exe | "C:\Windows\System32\schtasks.exe" /Create /TN "Updates\imOLmwQ" /XML "C:\Users\user\AppData\Local\Temp\tmp7551.tmp" |
C:\Users\user\Desktop\Musterino_94372478_Ekno_101_20241031410530_ekstre.exe | "C:\Users\user\Desktop\Musterino_94372478_Ekno_101_20241031410530_ekstre.exe" |
C:\Users\user\AppData\Roaming\imOLmwQ.exe | C:\Users\user\AppData\Roaming\imOLmwQ.exe |
C:\Windows\SysWOW64\schtasks.exe | "C:\Windows\System32\schtasks.exe" /Create /TN "Updates\imOLmwQ" /XML "C:\Users\user\AppData\Local\Temp\tmp8BD7.tmp" |
C:\Users\user\AppData\Roaming\imOLmwQ.exe | "C:\Users\user\AppData\Roaming\imOLmwQ.exe" |
C:\Users\user\AppData\Roaming\imOLmwQ.exe | "C:\Users\user\AppData\Roaming\imOLmwQ.exe" |
C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 |
C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 |
C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 |
C:\Windows\System32\wbem\WmiPrvSE.exe | C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding |
C:\Windows\System32\conhost.exe | C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 |
URLs
Domains
Name | IP | Malicious
---|---|---
zqamcx.com | 78.110.166.82 |
IPs
IP | Domain | Country | Malicious
---|---|---|---
78.110.166.82 | zqamcx.com | United Kingdom |
Memdumps
|
page read and write
|
||
7100000
|
trusted library allocation
|
page execute and read and write
|
||
1EB0000
|
trusted library allocation
|
page read and write
|
||
5B50000
|
trusted library allocation
|
page execute and read and write
|
||
3BC1000
|
trusted library allocation
|
page read and write
|
||
68FE000
|
stack
|
page read and write
|
||
6D8F000
|
stack
|
page read and write
|
||
6EA000
|
stack
|
page read and write
|
||
9A3E000
|
stack
|
page read and write
|
||
5E80000
|
trusted library allocation
|
page read and write
|
||
511B000
|
stack
|
page read and write
|
||
14F8000
|
heap
|
page read and write
|
||
58E0000
|
trusted library allocation
|
page read and write
|
||
A3FE000
|
stack
|
page read and write
|
||
16D4000
|
heap
|
page read and write
|
||
AD5000
|
heap
|
page read and write
|
||
3766000
|
trusted library allocation
|
page read and write
|
||
1634000
|
trusted library allocation
|
page read and write
|
||
B041000
|
heap
|
page read and write
|
||
4F20000
|
heap
|
page read and write
|
||
1527000
|
heap
|
page read and write
|
||
5DAE000
|
stack
|
page read and write
|
||
34F6000
|
trusted library allocation
|
page read and write
|
||
9EFE000
|
stack
|
page read and write
|
||
B11000
|
heap
|
page read and write
|
||
29CE000
|
stack
|
page read and write
|
||
157B000
|
trusted library allocation
|
page execute and read and write
|
||
6F8E000
|
stack
|
page read and write
|
||
43E000
|
remote allocation
|
page execute and read and write
|
||
59E3000
|
heap
|
page read and write
|
||
803E000
|
stack
|
page read and write
|
||
3831000
|
trusted library allocation
|
page read and write
|
||
73A0000
|
heap
|
page read and write
|
||
B27E000
|
stack
|
page read and write
|
||
6DAF000
|
stack
|
page read and write
|
||
16E2000
|
trusted library allocation
|
page read and write
|
||
3CA2000
|
trusted library allocation
|
page read and write
|
||
3436000
|
trusted library allocation
|
page read and write
|
||
4E1E000
|
trusted library allocation
|
page read and write
|
||
5F8E000
|
stack
|
page read and write
|
||
1000000
|
trusted library allocation
|
page read and write
|
||
1E7C000
|
stack
|
page read and write
|
||
6990000
|
trusted library allocation
|
page execute and read and write
|
||
5B30000
|
heap
|
page read and write
|
||
54F0000
|
trusted library allocation
|
page read and write
|
||
5850000
|
trusted library allocation
|
page read and write
|
||
B391000
|
trusted library allocation
|
page read and write
|
||
52DE000
|
stack
|
page read and write
|
||
16F7000
|
trusted library allocation
|
page execute and read and write
|
||
9B7D000
|
stack
|
page read and write
|
||
7160000
|
trusted library allocation
|
page execute and read and write
|
||
FF6000
|
trusted library allocation
|
page read and write
|
||
16EA000
|
trusted library allocation
|
page execute and read and write
|
||
8FE000
|
unkown
|
page read and write
|
||
345A000
|
trusted library allocation
|
page read and write
|
||
31EE000
|
trusted library allocation
|
page read and write
|